SOLVED

Add a new VNet to the FortiGate on Azure


Hello 

 

With FortiGate, I now have one virtual network (subnet inside / outside).

 

I want to add a new virtual network and integrate it with the FortiGate. How do I do that configuration?

4 Replies
best response confirmed by hamma91 (Brass Contributor)
Solution

@hamma91 

 

Hello  

- Create a route table and associate it with all subnets of your virtual network (if you want to redirect the traffic for all subnets; otherwise you can exclude one or more of them)

- Create a user-defined route with the following config:

    - Name: friendly name (e.g. To_Firewall)

    - Address prefix: 0.0.0.0/0

    - Next hop type: Virtual Appliance

    - Next hop IP address: private IP of your virtual appliance (here the Fortinet)

In the Fortinet virtual appliance config:

- Create the objects for the virtual network or subnets

- Create rules for the traffic that fit your needs

 

@ibnmbodji Thank you for your reply.

 

I created the RT.

 

In the firewall, I have by default my two ports:

port 1: for external and port 2: for internal ===> for the first VNet (not the new one).

 


 

To configure the new subnet on my firewall, which interface must I use?

*** I created the address (object) of my new subnet on the firewall.

 


 

 

@hamma91 

 

You create a rule for inside and a rule for outside, like the ones in the screenshots.

Disclaimer: this is only for testing the traffic; in prod you should have very restrictive policies.

@ibnmbodji Yes bro.

 

I forgot to create the static route for this new VNet with /16.

 

Thanks
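
The two halves of the fix discussed in this thread (the 0.0.0.0/0 user-defined route on the new VNet's subnets, and the FortiGate static route for the new /16) can be checked together. The following is an added example, not part of the original posts: all addresses, subnet names and the dictionary layout are constructed, and treating port2 (the internal port) as the interface for the return route is an assumption.

```python
import ipaddress

def audit_new_vnet(subnets, route_tables, fw_ip, fgt_routes, inside_port="port2"):
    """Return findings; an empty list means both directions pass through the firewall."""
    findings = []
    fw = ipaddress.ip_address(fw_ip)
    for sn in subnets:
        net = ipaddress.ip_network(sn["prefix"])
        # Outbound: the subnet needs a 0.0.0.0/0 UDR whose next hop is the firewall.
        routes = route_tables.get(sn.get("routeTable"), [])
        default = [r for r in routes if r["addressPrefix"] == "0.0.0.0/0"]
        if not default:
            findings.append(f"{sn['name']}: no 0.0.0.0/0 route, traffic bypasses the firewall")
        for r in default:
            if r["nextHopType"] != "VirtualAppliance":
                findings.append(f"{sn['name']}: default route next hop type is {r['nextHopType']}")
            elif ipaddress.ip_address(r["nextHopIpAddress"]) != fw:
                findings.append(f"{sn['name']}: default route points to {r['nextHopIpAddress']}, not {fw}")
        # Return path: a non-default FortiGate static route must cover the subnet
        # (assumption: it leaves through the internal port).
        covered = any(
            ipaddress.ip_network(s["dst"]).prefixlen > 0
            and net.subnet_of(ipaddress.ip_network(s["dst"]))
            and s["device"] == inside_port
            for s in fgt_routes
        )
        if not covered:
            findings.append(f"{sn['name']}: no FortiGate static route for {net} via {inside_port}")
    return findings

# Constructed sample data: firewall internal IP, one route table, two subnets of the new VNet.
FW_IP = "10.0.2.4"
ROUTE_TABLES = {"rt-spoke": [{"name": "To_Firewall", "addressPrefix": "0.0.0.0/0",
                              "nextHopType": "VirtualAppliance", "nextHopIpAddress": "10.0.2.4"}]}
SUBNETS = [{"name": "app", "prefix": "10.1.1.0/24", "routeTable": "rt-spoke"},
           {"name": "db", "prefix": "10.1.2.0/24", "routeTable": None}]
FGT_BEFORE = [{"dst": "0.0.0.0/0", "device": "port1"}]               # static route forgotten
FGT_AFTER = FGT_BEFORE + [{"dst": "10.1.0.0/16", "device": "port2"}]  # static route for the /16 added

if __name__ == "__main__":
    for label, routes in (("before", FGT_BEFORE), ("after", FGT_AFTER)):
        print(label, audit_new_vnet(SUBNETS, ROUTE_TABLES, FW_IP, routes))
```

A subnet deliberately left out of the route table, as the accepted answer allows, will still be reported, so treat that finding as a reminder to confirm the exclusion is intended.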

 

 
